Sub-resource integrity (SRI) is a security feature that allows a developer to ensure that resources hosted on third-party services such as CDNs (Content Delivery Networks) are delivered to the application without any modification. Hosting resources such as scripts and stylesheets on a CDN helps content load faster, and sub-resource integrity lets the application do so safely. SRI achieves this by comparing the hash value that the web server's page declares for a resource with the hash of the resource actually delivered by the third-party service. If the CDN is compromised, SRI protects the application from an attacker's attempt to use the modified resource to attack the application through cross-site scripting.

Example
The above code tells the browser to check https://example.beaglesecurity.com/example-framework.js against the hash value. A matching hash value proves that the resource has not been changed.
An attacker who gains access to a Content Delivery Network can cause huge damage to the application. If the attacker is one of the people who developed one of the CDNs used by the application, they can gain access to your system by tweaking the content served from the CDN.
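The hash comparison described above, as an added example that is not code from the original page: a Python script that computes the integrity value for a file, builds the script element a page would ship, and approximates the browser's check against what the CDN delivers. The file contents and all function names are constructed for illustration; only the URL comes from the page.

```python
import base64
import hashlib

# Digest names the SRI specification accepts, weakest to strongest.
SRI_ALGORITHMS = ("sha256", "sha384", "sha512")

def sri_value(body: bytes, alg: str = "sha384") -> str:
    """Return the integrity attribute value for a resource body."""
    if alg not in SRI_ALGORITHMS:
        raise ValueError(f"unsupported SRI algorithm: {alg}")
    digest = hashlib.new(alg, body).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"

def script_tag(url: str, body: bytes) -> str:
    """Build the <script> element for a CDN-hosted file (cross-origin SRI needs CORS)."""
    return (f'<script src="{url}" integrity="{sri_value(body)}" '
            'crossorigin="anonymous"></script>')

def browser_accepts(integrity: str, delivered: bytes) -> bool:
    """Approximate the browser: only hashes of the strongest listed algorithm count."""
    parsed = []
    for token in integrity.split():
        alg, sep, expected = token.partition("-")
        if sep and alg in SRI_ALGORITHMS:
            parsed.append((alg, expected.split("?")[0]))  # drop any ?options suffix
    if not parsed:
        return True  # no usable metadata: the resource loads unchecked
    strongest = max((alg for alg, _ in parsed), key=SRI_ALGORITHMS.index)
    return any(sri_value(delivered, alg) == f"{alg}-{expected}"
               for alg, expected in parsed if alg == strongest)

# Constructed sample data: the file as published, and a copy altered on the CDN.
URL = "https://example.beaglesecurity.com/example-framework.js"
ORIGINAL = b"function greet(n) { return 'hello ' + n; }\n"
TAMPERED = ORIGINAL + b"/* content changed on the CDN */\n"

if __name__ == "__main__":
    print(script_tag(URL, ORIGINAL))
    print("original accepted:", browser_accepts(sri_value(ORIGINAL), ORIGINAL))
    print("tampered accepted:", browser_accepts(sri_value(ORIGINAL), TAMPERED))
```

An empty or unrecognised integrity value makes the check pass, so a build step that emits the attribute should fail loudly rather than write an empty string.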
Beagle recommends the following fixes:-